While the recent Italian job uproar has still yet to settle down, a new attack is trying to cause a stir again in Italy. This time, it is a spam attack. Seems like the Web bullies are not about to back down on Italy just yet. The malicious email capitalizes on the much-awaited releases of Harry Potter s next book and movie installment, which are both scheduled this July. The said email message promotes the next Harry Potter movie, saying that clicking the attachment gives the recipients a chance to win two seats to the movie premier. However, instead of getting movie passes, users who click on the attachment get an HTTP downloader. Based on initial analysis by Senior AV researcher David Sancho, this malware connects to a malicious Web site to download other malware into the affected user s computer. Trend Micro detects this downloader as TROJ_DLOADER.NKY. The promotion is said to be only for Italy, which indicates that the attack is yet again targeted on the said region. But regardless of where the attack is targeted, users should be wary of the said email message. TrendLabs is currently working to provide an in-depth analysis for this new threat. Updates to be posted soon.
Update: Here is the snapshot of the email.